Overview

overview

4

Static

static

4

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

Bv9ARM.ch01.html

windows7-x64

1

Bv9ARM.ch01.html

windows10-2004-x64

1

Bv9ARM.ch02.html

windows7-x64

1

Bv9ARM.ch02.html

windows10-2004-x64

1

Bv9ARM.ch03.html

windows7-x64

1

Bv9ARM.ch03.html

windows10-2004-x64

1

Bv9ARM.ch04.html

windows7-x64

1

Bv9ARM.ch04.html

windows10-2004-x64

1

Bv9ARM.ch05.html

windows7-x64

1

Bv9ARM.ch05.html

windows10-2004-x64

1

Bv9ARM.ch06.html

windows7-x64

1

Bv9ARM.ch06.html

windows10-2004-x64

1

Bv9ARM.ch07.html

windows7-x64

1

Bv9ARM.ch07.html

windows10-2004-x64

1

Bv9ARM.ch08.html

windows7-x64

1

Bv9ARM.ch08.html

windows10-2004-x64

1

Bv9ARM.ch09.html

windows7-x64

1

Bv9ARM.ch09.html

windows10-2004-x64

1

Bv9ARM.ch10.html

windows7-x64

1

Bv9ARM.ch10.html

windows10-2004-x64

1

Bv9ARM.html

windows7-x64

1

Bv9ARM.html

windows10-2004-x64

1

Bv9ARM.pdf

windows7-x64

1

Bv9ARM.pdf

windows10-2004-x64

1

README.vbs

windows7-x64

1

README.vbs

windows10-2004-x64

1

RELEASE-NO...V.html

windows7-x64

1

RELEASE-NO...V.html

windows10-2004-x64

1

RELEASE-NO...SV.pdf

windows7-x64

1

RELEASE-NO...SV.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    158s
  • max time network
    161s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bv9ARM.ch05.html

  • Size

    6KB

  • MD5

    ff48c9a836db1fc55b40c1dda4bc5460

  • SHA1

    4602e5ca55051fa9ceba46677eb2796a75a4b559

  • SHA256

    a8ba83da4905b85644cb4db43e673daa1448cb0d18fa1e88f398bad52f1903bb

  • SHA512

    4116e34c9903a1def5d76bc18cd2a7ea05f7823da784c8a7308333a4fb822bb5fe29d7e5c0387f07935441bd83113db5cb235dfd55d9bc514de44cc5a4be457e

  • SSDEEP

    192:yyvOH44cNSpnfi0SkKZHlyK6Qar08+jg4gY0:yyvOYvYkI4H8Qi4C

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\Bv9ARM.ch05.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2856
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2856 CREDAT:275457 /prefetch:2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:2960

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ec6fd2b3daf7fe25b5482fb9c741ca92

    SHA1

    5c1ce4181c2e21a55b4225cc5dece39730822893

    SHA256

    cd1c66c4499740cd39e66aaba9f6f66653cefdc6d3aac418bbf0c483a04e4777

    SHA512

    ac7bf00ac9d99a6c7af94e842d85a6b6093c3040be0054a4de9c0e829b8d5757887a599c60ef98899e02537c4e93fa902d14ecb745da5c1e7c425f934f0b5637

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    eafcc1b797d3070ff8ad0eb06756e0ed

    SHA1

    3e1f4e61c273b8996e3616d645200ab337627b74

    SHA256

    de3711f8bf303c11a1212c6311cf4661b547deb383da6f2a83349adbf54ab84b

    SHA512

    3db6700c6cddea8096140b8b6c48411c9a8de319f7b29a95cc3080af0083fb345bcfe8d39bacbb33b70e175a699d58777e282be089ec9c6e0ba1174f32171db3

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f5b46cdd8d887f32b46cf66ddb5bb605

    SHA1

    ffd69c17fe16a1be77276f0a11f4a9e22d65695a

    SHA256

    bf229c18667ed20734b9ef39a6898b629c20b9926adaf71d7eed545b975241cc

    SHA512

    416d02aa66c41fcf7fbf63bbc1b5c98f03a007cd64f536f5550ab4b428189035bb9e625a64dc8dbbfd5a073522bbca17f8a8834c7762b3cf33f9bd4f8b5534c4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    d5bea5dacf6c404c90129be1e20358f2

    SHA1

    9d98a691ccc45effe9163dedf994c9feb58eee49

    SHA256

    ca74bef4d41db405fecaa500ba0bb0d9f487cc142acceda5c2b402430b2e058b

    SHA512

    44b7d83387b1fa28bdf5989c7a71505abab9f628123660600ab7e73f23dea5af908bf33067c78572e1d56a6a3803c44a7d2522e8e68d807dff9fa826096068f4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b1db3e1daf5c4f1c004cb2db491b5a00

    SHA1

    d9a79d5fa4b308decd61f9351dca7b9d06d964a0

    SHA256

    2d7bc5cd5f8c1a42a77f29e286216aa5a4b6bb45814fa4d552c75334b4052850

    SHA512

    5651fd489b4bc1078ea286d95c079414ce4451c2af6d731cbb625cbf88256323fb022e9971a9d92bbce13e75ccd0ce5d5bb0191ceb68e99eb16106cd9d2ad8a2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c37ed415088584aae45f451922bd5a6c

    SHA1

    69e9a6b05c5f06369718d6f3f85d75509ecc59ea

    SHA256

    c4cf6562172f7f942a0fdeca1ded199dd42dcf023d19c4a48ef5117c99c9a606

    SHA512

    75866dca420c0d1b39d88a5a60446d88a43607663c35ac4d75112c2956b3a42ef3db0b8591c52d4f80e5862ef93c80ffcd18d0e4c6eaec8d8d872ae347184fc0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    746bda1806da82d5e8c59e63ce2e4d1a

    SHA1

    d2e9321ad6949869e60d9e3b3b7e84edb2fc6a17

    SHA256

    e8c43a340c8ed9ede074b856f1f2b6f4424f0300e2d01b923396fe15c60bc388

    SHA512

    bab2ef6632ef99c17adf121686a26fc727fc0a1b0ed10405ae2e5dcb09abe6be51e20416bd22d22feabbc9169c0de108476d0963e4af4c3be4cdb00a5a163ff8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    746bda1806da82d5e8c59e63ce2e4d1a

    SHA1

    d2e9321ad6949869e60d9e3b3b7e84edb2fc6a17

    SHA256

    e8c43a340c8ed9ede074b856f1f2b6f4424f0300e2d01b923396fe15c60bc388

    SHA512

    bab2ef6632ef99c17adf121686a26fc727fc0a1b0ed10405ae2e5dcb09abe6be51e20416bd22d22feabbc9169c0de108476d0963e4af4c3be4cdb00a5a163ff8

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    f64cb5bb281af3ce90007cb27d1e47f1

    SHA1

    53dffa037d2c166ba80215985f4f83562ca41cfa

    SHA256

    62afef02d982529bdcb20fbf05a6dde5edf87283b34a490c1786e1ff68fa1899

    SHA512

    f44e55591f87744cc2212a5499e00adfc1b0ea8eabedb14a2bb74b0f17a3306450da4ea174aaf49c9f7d6c262139e1bd53d01e5ca9ace6f2cb30ae75b77dfaa7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    34b42e34db050e13f16444b82fa44c37

    SHA1

    7967dac77f85296f86a28e6a3f68b655658f1f6c

    SHA256

    ae823c843714654322b8011d413f8db5baa93e2e7b19983445486f83e240972b

    SHA512

    877c4d96eeeab999262902c6935572a8cb6b8bcc2ba700e2e0ec1ada677bb5b781032d7110733eae3ca92d6f778d39cbf3c095b010da0f214798474ba8fa41bb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0eeae8dde155b4e58dcfc9885069d5ba

    SHA1

    34cf480999b3360254e5f7b94799d57e03c3cdc5

    SHA256

    72d88f49e4dd873bb23a817368d87e83ad8d1e9612904676db3858259616700d

    SHA512

    0c555b6c7b4e5b8a3ea7d10a5fe70d0b22199ac8474282db56a4535b6225f46e7550f3a25a80ef0b62cea6ef7e1c8702d0c3d53e3f14f996d98c06ffceabd9fa

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6d7f093b1835a88d298321bffb6deeaf

    SHA1

    a8765e6dc25d588033c1a1036a2f5b2050550b10

    SHA256

    f5a9299e4f7899d1c4d63d3c88f41b231b96095cfbc741207c688fa30db7c6eb

    SHA512

    0877d94ee32fc1e2c5d0975a95e7e33a8b37d01a38c073733944ba6e5368585af335d74d5f29b6442952e22ddbb9b48045235623b8bb07c7683142852d2ea7b0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9c997edfe730423e7972830e6eb26fdd

    SHA1

    abb752db2b534f81eac6c6fbf47129f2bd98a451

    SHA256

    ce9f301b17fdbcd4bb916a4c13d78a87a22ea4587d6ea857d98fe60de7686c53

    SHA512

    d390d95535b065c4199798a780156a37315c5f466a08721b706595121c0d81714a8bb3a1a5ba4671ad3ffadcc6be1b57c48dd3528d1f93d8dbfdadfef6836074

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    69b71aa380f0e5382ed49e4a752af70a

    SHA1

    9278e4fa41677f53504fac838943683d610a9f8d

    SHA256

    3497e660325c1b3143ac6f7715a00ff2dee2d00a127ba21c4b3b129f2938a6b5

    SHA512

    2f9c3e63253c076c73446bc7e8bebdc5eb7cdd9555dedf3e2022aaca03c96da9ac3a88ea77760f73d1dc1ae96f17df38983ab944dbb781753be76e9b7245fb1d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1a79905d744b2ae6836cea4e6518c417

    SHA1

    ce6cea19beb7f3095462da111069c9e5551889dc

    SHA256

    ee0e896e50c40f5a3d77082abda407adad360c070f2de81fd1a7858462bc1496

    SHA512

    2a4d422c7cc25b921780e6fcc6f7c433526bc44bf295fa63524eced407eefd363e7ce16f653da01ad20b92d9535458849991e321e7d0f7e5ad5364d815358ded

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1cbeefb17f23cdd728d8da9214888a0c

    SHA1

    deecf021405cec980af8080a177264c1720572e4

    SHA256

    83f9ac7e294f9d44ddf91b09a8cdacd83bf964db02842b66afad32ddf6159341

    SHA512

    ae4d2966bf5c25bbfad656a23412275282912661513013e456986853037fbaca78fb0f22bce10e499b359e6b14b546db72f47d9d712d5225faffe0827476e705

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b17d5f68b657ceb2b52a8fc1be5f2c9d

    SHA1

    b39c0bd0636be467cdecc8d9f08dd7780597c69c

    SHA256

    da95e43ae812127223d295bfda5aa2991458f1c966f5bec00e066df23f0f1c88

    SHA512

    b51853347f1d2bf1b501279ae8d861c3bfb2f4f6cba6632121f5d3553e8fabfc8514041b6e50a61186642fba8331e7adb40475ee1f7febdc2cb684615c21a9cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    1588d2c58287c479e9c169ffeeae4113

    SHA1

    ce9dd49423b323a98f07f35a3bf2a223734276fe

    SHA256

    a47ffcdd9b2f2de7a04511c1d60b20d5ebc5119c15a65557840e43d3d9211a1f

    SHA512

    ebd6d8b35b74ec6c5771d38e06899d8239d0d9e745b7b46b3cf799526b9e4d4b65c2aa7a32cb8bb4334076cbbeb81c7c59b576cc912d14b3e9c90217b726abc4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    9db9e0cdf6be8b1353da560e3a9e07cc

    SHA1

    451a6bb279168b7dd0018c280a17db1456ccae7d

    SHA256

    ba2d191200abcdef9c876e44778b901eea39fa9636733c0748d5d3ad1ebaeb7b

    SHA512

    d836afef981cc4b7f7e80b11f75c3054005ba1260c82cb403b44ee41b3e3dc9a008689fc820a1d1624226d81b1d8f394c573ce1da946aae29f9cfdf7e2b801ec

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c8a4ca5b2cea370287af3b73b3680816

    SHA1

    48d5d0c99e968268f4793f2dd3035c483f6f87ab

    SHA256

    c78246b01bcc0ffa0c9fbef125c233fbd5e0864f35fb8b1aa5b90b1c0439288f

    SHA512

    fd452b3825929311c3c11fb00a1ec1ce6d308e4e5b916a431a69dd3898c8d252a211fd44e27d137fbd16d19a62b5e3d2e3072138af981584b5e2b70f0affe5df

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabCFB0.tmp
    Filesize

    61KB

    MD5

    f3441b8572aae8801c04f3060b550443

    SHA1

    4ef0a35436125d6821831ef36c28ffaf196cda15

    SHA256

    6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

    SHA512

    5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarD040.tmp
    Filesize

    163KB

    MD5

    9441737383d21192400eca82fda910ec

    SHA1

    725e0d606a4fc9ba44aa8ffde65bed15e65367e4

    SHA256

    bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

    SHA512

    7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

    Download Submit